Developing CTFS - Writing and Hosting Intentionally Vulnerable Applications
Offered By: HackerOne via YouTube
Course Description
Overview
Learn how to develop and host Capture The Flag (CTF) competitions in this 35-minute talk from HackerOne. Explore the essential infrastructure needed to support large-scale events and discover techniques for creating intentionally vulnerable applications while preventing unintended side effects. Gain insights into CTF scoreboard and backend systems, networked versus static challenges, and the use of Docker containers for web and binary exploitation challenges. Understand the importance of player security, infrastructure protection, and automation in challenge creation. Perfect for cybersecurity enthusiasts and event organizers looking to enhance their CTF hosting skills.
Syllabus
Intro
Overview
What Is a Capture The Flag Competition?
CTF Infrastructure (scoreboard)
CTF Infrastructure (backend)
Networked vs. Static Challenges
Networked Challenges
Docker Container (web challenge)
Docker Container (binary exploitation challenge)
Multiple Challenges (docker-compose)
Never Trust The Player
Infrastructure Security
Pitfalls
Automation (challenges)
Wrapping Up
Taught by
HackerOne
Related Courses
Leveraging Bug Bounties for Your CareerHackerOne via YouTube Breaking VNC Clients with Evil Servers
HackerOne via YouTube The Bug Hunter's Methodology - Application Analysis
HackerOne via YouTube Vulnerabilities I've Found - The Fun, the Weird and the Technical
HackerOne via YouTube Submitting High Quality Bug Bounty Reports - Tips from Behind the Curtain
HackerOne via YouTube